Senior Analyst, Info Security Resume Samples

4.5 (87 votes) for Senior Analyst, Info Security Resume Samples

The Guide To Resume Tailoring

Guide the recruiter to the conclusion that you are the best candidate for the senior analyst, info security job. It’s actually very simple. Tailor your resume by picking relevant responsibilities from the examples below and then add your accomplishments. This way, you can position yourself in the best way to get hired.

Craft your perfect resume by picking job responsibilities written by professional recruiters

Pick from the thousands of curated job responsibilities used by the leading companies

Tailor your resume & cover letter with wording that best fits for each job you apply

Resume Builder

Create a Resume in Minutes with Professional Resume Templates

Resume Builder
CHOOSE THE BEST TEMPLATE - Choose from 15 Leading Templates. No need to think about design details.
USE PRE-WRITTEN BULLET POINTS - Select from thousands of pre-written bullet points.
SAVE YOUR DOCUMENTS IN PDF FILES - Instantly download in PDF format or share a custom link.

Resume Builder

Create a Resume in Minutes with Professional Resume Templates

Create a Resume in Minutes
JG
J Gorczany
Jeremie
Gorczany
2180 Stark Circles
Los Angeles
CA
+1 (555) 160 2755
2180 Stark Circles
Los Angeles
CA
Phone
p +1 (555) 160 2755
Experience Experience
New York, NY
Info Security Senior Analyst
New York, NY
Rowe-Emard
New York, NY
Info Security Senior Analyst
  • May make technical presentations to Xerox management and/or clients
  • Develop IT security policies, standards, and guidance
  • Provide continuous monitoring support utilizing tools for information systems
  • Advising project managers on the implementation of DHS encryption standards
  • Create documentation to support information system authorization/accreditation packages
  • Works professional hours which may include extended or after hours support
  • Validating all information system security reporting
Boston, MA
Senior Analyst, Info Security
Boston, MA
Gaylord-Waters
Boston, MA
Senior Analyst, Info Security
  • Collaborate with management in developing technical directions, setting objectives and setting realistic and challenging goals
  • Perform perfective maintenance and/or advanced configuration of equipment in order to protect the network from emerging cyber threats
  • Provides feedback to engineering on HBSS documentation and process improvements
  • Assists Software Lead Engineers (SLE) in developing alteration packages to include Ship Change Documents (SCDs), engineering change proposals (ECPs), and ship alterations (SHIPALTs)
  • Ensures compliance with Federal; DoD and DoN Information Assurance policies. Incumbent utilizes extensive knowledge of all areas of information security to establish operating standards and procedures for the IA Program
  • Reviews risk analysis and accreditation documentation for timeliness, completeness and accuracy, and ensures that all necessary materials are submitted for review
  • Maintains compliance with Federal, DoD and DoN Cybersecurity policies. Incumbent utilizes extensive knowledge of all areas of cybersecurity to establish operating standards and procedures for the Cybersecurity Program
present
Chicago, IL
Senior Info Security GRC Analyst
Chicago, IL
Pagac and Sons
present
Chicago, IL
Senior Info Security GRC Analyst
present
  • Perform other duties as assigned by management
  • Work closely with regulators and auditors responding to information requests verbally and by providing documentation upon request
  • Maintain strong working relationships with individuals and groups involved in managing information security risks across the organization
  • Lead and/or support information security risk management program reporting efforts
  • Execute administrative tasks in Archer to include, but not limited to, report generation, form creation, and workflow design
  • Identify opportunities and lead efforts to drive organizational information security risk posture and process improvement
  • Perform security risk assessments on new or existing products, services, and technologies to analyze controls, identify and evaluate mitigating control opportunities and assign residual risk using the organizational risk management methodology
Education Education
Bachelor’s Degree in Information Technology
Bachelor’s Degree in Information Technology
Cornell University
Bachelor’s Degree in Information Technology
Skills Skills
  • Understanding of DHS/DoD policies and procedures, including FIPS 199, FIPS 200, NIST 800-53, DHS 4300A SSH and other applicable policies
  • Strong understanding of RMF, NIST SP 800-53 IA Controls, eMASS, and ACAS
  • Knowledge of work planning and resource estimation techniques sufficient to develop milestones and estimate completion dates
  • Ability to research policies, procedures, standards, and guidance; then apply to specific conditions for protection of information and information systems
  • Knowledge of Operating System hardening and remediation IAW the DISA Security Technical Implementation Guides (STIGs)
  • Advanced knowledge of cyber security administration principles, methods, and techniques
  • Proficient with Telos Xacta IA Manager system
  • Implement policies and procedures to protect the integrity and availability of systems, networks, and data
  • Produce daily updates and status reports to Certifying Authorities
  • Security Certification and Accreditation of a variety of Department of Defense and Intelligence Community automated information systems (AIS)
Create a Resume in Minutes
1

Info Security Senior Analyst Resume Examples & Samples

  • Symantec PGP products for Email, McAfee Endpoint Encryption, Checkpoint Whole disk encryption solutions
  • Tivoli TKLM, IBM SKLM and Oracle KMA
  • RSA Two-Factor Authentication
  • Participates and/or leads others in technical proposal process
  • May make technical presentations to Xerox management and/or clients
  • Participates in regular on-call responsibilities that may include 24x7 support
  • Verbal and written communication on in-depth technical issues to clients
  • Focused support for disaster recovery or critical technical issues
2

Senior Analyst, Info Security Resume Examples & Samples

  • Understanding of DHS/DoD policies and procedures, including FIPS 199, FIPS 200, NIST 800-53, DHS 4300A SSH and other applicable policies
  • Strong understanding of RMF, NIST SP 800-53 IA Controls, eMASS, and ACAS
  • Ability to conduct Information Systems vulnerability assessment, risk mitigation, and Plan of Action and Milestone (POA&M) development and tracking; understanding and application of mitigation strategies, IAVAs, and IAVBs
  • Ability to research policies, procedures, standards, and guidance; then apply to specific conditions for protection of information and information systems
  • Five years of direct or related Information Assurance / Cybersecurity or Information Technology experience
  • Network and/or System Administration technical expertise with Microsoft (primarily) operating systems, Linux/Unix operating systems, Cisco products, and VMWare/virtualization
  • Experience with DoD and Service cyber ranges, such as construction, topology, or operations
  • Experience with wireless (802.11) protocols, wireless network scanning tools, and mobile device security
  • Experience with Cross Domain systems / guards
  • Certified (or capable of obtaining within six months) IA Workforce Level II certification (e.g., CISSP, GSLC, CAP, CISM)
3

Senior Analyst, Info Security Resume Examples & Samples

  • Perform pre-validation A&A that includes performance of A&A testing and vulnerability scanning in order to validate IA policy, regulation, Security Technical Implementation Guide (STIG), and Best Business Practice (BBP) compliance
  • Assist in the development of procedures to generate and maintain required documentation to include the System Security Authorization Agreement (SSAA) and tracking methods
  • Perform or review technical security assessments of computing environments to identify points of vulnerability or non-compliance with established IA standards and regulations and recommend mitigation strategies
  • Assess and mitigate system security threats/risks through the program life cycle
  • Validate system security requirements definitions and analysis tools. Establishes system security design and verifies security requirements
  • Must possess and maintain a Top Secret SCI Security Clearance
  • Additional specific certifications may be required, depending on job assignment
  • Two or more years direct A&A experience required
  • Must have extensive experience in cybersecurity documentation and system authorization artifacts (System Security Plan, lifecycle documentation, continuous monitoring plan, Security Assessment Plan, Security Assessment Report, Risk Assessment, etc.)
  • Must have experience with DoD Cybersecurity configuration and assessment guidance and tools (STIGS, ACAS, SCAP, Nessus, etc.) and experience with security architectures, firewalls and network access
  • Must have working knowledge of the DoD CS policy requirements set forth in DoDI 8500.01, “Cybersecurity,” and DoDI 8510.01, “Risk Management Framework (RMF) for DoD Information Technology” and their successors
  • Extensive hands-on technical knowledge of network systems, protocols and standards
  • Hands on administration of HBSS
  • Familiar with the installation, configuration, and management of IP encryption devices
  • Experience in a coalition environment a plus
4

Senior Analyst, Info Security Resume Examples & Samples

  • Creates; Submits; Validates Certification and Accreditation (C&A) packages in accordance with DIACAP/RMF (DoDI 8510.01)
  • Creates; Submits; Validates Platform IT (PIT) Risk Approval (PRA) packages in accordance with NAVSEAINST 9400.2
  • Ensures compliance with Federal; DoD and DoN Information Assurance policies. Incumbent utilizes extensive knowledge of all areas of information security to establish operating standards and procedures for the IA Program
  • Reviews risk analysis and accreditation documentation for timeliness; completeness and accuracy; and insures that all necessary materials are forwarded for review
  • Conducts threat and vulnerability analysis to assess and determine effective measures to minimize risks and ensure IS is operational and secure
  • Prepares computer incident reports which include analysis methodology and results
5

Senior Info Assur Security Analyst Resume Examples & Samples

  • Top Secret Clearance/SCI with current SSBI Required
  • A Bachelors Degree (BA/BS) in Business, Computer Science or equivalent experience is required
  • 5 years of related experience is required
6

Senior Analyst, Info Security Resume Examples & Samples

  • Provide 24X7 on-site project management and oversight of Operation and Maintenance (O&M) information technology teams, sections, and units responsible for support of Brigade assets throughout the AOR
  • Full working Knowledge, instructs, and enforces AR 25-2
  • Develops Triage policies and procedures to evaluate suspicious activity
  • Responsible for all aspects of Network Security Center (NSC) physical network security
  • Responsible for assisting in all aspects of NSC automated information security to include accreditations
  • Manages, tracks and produces trend reports information Assurance (IAVM )process from MSG's
  • Provides Centralized IAVA and IAVM roster AOR IA personnel and system administrators
  • Conducts evaluation of security events
  • Performs user account management, to include but not limited to Common Access Card (CAC), Biometrics and Public Key Identification (PKI)
  • Ensures security and accreditation requirements are met and maintained for customer connections
  • Minimum 5 years network security administration responsibility
  • Subject matter expert with Microsoft Windows Server Update Services (WSUS), Microsoft Windows Systems Management Server (SMS), and Update Expert configuration, schedule software pushes, and remote asset inventory
7

Senior Analyst, Info Security Resume Examples & Samples

  • Assist with conducting Security Testing & Evaluation (ST&E) for enclave and system accreditations and provide corrective actions to resolve or mitigate vulnerabilities that are identified
  • Be intimately familiar with to develop, modify, review and provide input for C&A packages for accreditation and re-accreditation
  • Have the ability to work independently on multiple accreditation packages for SSCPAC RDT&E systems
  • Provide system engineering, integration, and life-cycle support for a variety of Navy Research and Development systems
  • Experience with applying DISA Security Technical Implementation Guide or STIGs, and Security Recommendation Guides (SRG)
  • Extensive experience with Assured Compliance Assessment Solution (ACAS) Detailed Vulnerability List Reports, with the ability to interpret and mitigate system vulnerabilities as required
  • 5-7 Years of directly related experience in Information Assurance and/or support with experience in the Cyber Security to support the DoD DIACAP process
  • 3-5 Years Systems engineer related experience
8

Senior Analyst, Info Security Resume Examples & Samples

  • Review proposed new systems, networks, and software designs for potential security risks; recommend mitigation or countermeasures, and resolve integration issues related to the implementation of new systems within the existing infrastructure
  • Develop long-range plans for IT security systems that anticipate, identify, evaluate, mitigate, and minimize risks associated with IT systems vulnerabilities. Coordinate the implementation of security programs across Tier I, II, and III systems, and establish vulnerability reporting criteria
  • Review and evaluate security incident response policies, identify the need for changes based on new security technologies or threats, test and implement new policies and establish measures to ensure awareness and compliance
  • Develop solutions to integration/interoperability issues, design, develop, and manage IT security systems that meet current and future business requirements, and apply and/or extend, enhance, optimize existing architecture
  • Develop IT security system projects from design to support, evaluate the effectiveness of systems and services, provide advice and solutions to a wide range of IT issues
  • Must be capable of obtaining and maintaining a Secret Clearance
  • This position may be required to complete short-term deployments to austere locations worldwide
9

Senior Cyber Info Sys Security Analyst Resume Examples & Samples

  • Instructs, counsels, and guides work of other members when functioning as a Team Leader, while at other times will participate as a member of the team
  • Provide network certification and accreditation support for Navy systems and networks
  • Network documentation
  • NRL process and procedure development
  • Maintain compliance with DOD, Navy, NRL, and other Intelligence Community cybersecurity guidelines, standards, and policies
  • BA/BS in Information Systems Management, Computer Science or related discipline. In lieu of formal education, at least 16 years of related experience
  • 8 to 10 years’ experience, to include applicable security discipline principles, practices, and procedures
10

Senior Analyst, Info Security Resume Examples & Samples

  • Experience with USCYBERCOM Information Assurance Vulnerability Management (IAVM) and Intelligence Community Vulnerability Management (ICVM) Programs. This is to include the monitoring, tracking, and reporting of the vulnerabilities within the Programs
  • Experience with DOD Assured Compliance Assessment Solution (ACAS). Individual should understand how to create asset lists, reports, and perform analysis using the SecurityCenter
  • Experience with vulnerability scan results, vulnerability assessments, and vulnerability analysis
  • Knowledgeable of Directives, Instructions, Manuals issued by the Department of Defense (DOD), Chairman of the Joint Chief of Staff (CJCS), and Office of the Director of National Intelligence (ODNI) pertaining to cyber security. Individual should be able to demonstrate the ability to locate and research these documents
  • Experience with US Cyber Command (USCYBERCOM) Cyber Order Management. Individual should have knowledge of the process by which USCYBERCOM releases, monitors, and receives reporting. In addition, familiarity with USCYBERCOM’s website for monitoring of releases and updates. Cyber Order Management includes OPORDS, TASKORDS, WARNORDS, DEPORDS, and PLANORDS
  • Knowledge of Cyber Command Readiness Inspections (CCRI)
  • Knowledge of Computer Network Defense Service Provider (CNDSP) Inspections
  • Experience with creating reports, briefings, and standard operating procedures (SOP) for all three levels: Senior Leadership, Management, Administrative
  • Monitor, distribute, and track USCYBERCOM IAVMs / Intelligence Community Security Coordination Center (IC SCC) ICVMs
  • Analyze, report, and track compliance with IAVMs/ICVMs using ACAS
  • Support the customer’s organization with CCRIs and CNDSP Inspections
  • Monitor and track Directives, Instructions, and Manuals that impact the processes conducted by the team
  • Monitor, distribute, and track USCYBERCOM Cyber Orders that affect the customer’s organization. Maintain/Update SharePoint tracking lists and repositories
  • Maintain/Update team SOPs
  • Requires a TS/SCI Clearance
11

Senior Analyst, Enterprise Info Security Resume Examples & Samples

  • At least 3 years of Archer experience (Preferably Archer 5.X) including on-demand application development, configuring data feeds, reports etc
  • Experience with Governance, Risk, and Compliance (GRC) domains such as risk management, PCI, SOX, incident management, BCM etc
  • Strong experience in project / program management
  • GOOD VERBAL AND COMMUNICATION SKILLS WITH DIVERSE CROSS FUNCTIONAL GROUPS & THE ABILITY TO PRESENT EFFECTIVELY TO SMALL & LARGE GROUPS
  • KNOWLEDGE OF INFORMATION SECURITY POLICIES AND REGULATORY CONTROLS (PER TEAM FUNCTION)
  • MINIMUM 6 YEARS OF EXPERIENCE IN INFO SECURITY TECHNOLOGY OR RELATED FIELD
12

Senior Analyst, Info Security Resume Examples & Samples

  • Serves as a task owner for processes and serve as a Risk Management Framework (RMF) resource for team and organization
  • Requires 5+ years of information systems security experience or related field
  • Active DoD TS/SCI Subject matter expert knowledge for specific and general industry security practices
  • Understanding and Experience with: VMware Virtualization Technologies a plus
13

Senior Analyst, Info Security Resume Examples & Samples

  • Provide technical and / or project leadership function for assigned projects
  • Make technical decisions by applying fundamental engineering principles and specialized knowledge or skills to assigned tasks
  • Collaborate with management in developing technical directions, setting objectives and setting realistic and challenging goals
  • Provide timely leadership and direction to supporting organizations
  • Assist in the modification or establishment of operating practices
  • Monitor US Cyber Command and DISA Information Assurance Security Environment (IASE) alerts and notices for impact on GDIT-serviced systems
  • Ensure responsible GDIT responsible engineers are aware of all actionable alerts and notices issued by the US Cyber Command, DISA IASE, and/or O&M Agency
  • Report compliance of GDIT-serviced systems with actionable US Cyber Command, DISA IASE, and/or O&M Agency alerts and notices
  • Collaborate with responsible GDIT engineers to develop POA&Ms when 100% compliance cannot be achieved with actionable US Cyber Command, DISA IASE, and/or O&M Agency alerts and notices
  • Perform Operations & Maintenance functions for the ITA network security infrastructure (firewalls, web gateways, mail gateways, ids, load balancers, performance monitoring tools, mgt systems, etc)
  • Perform perfective maintenance and/or advanced configuration of equipment in order to protect the network from emerging cyber threats
  • Conduct forensic traffic/log analysis to isolate issues or respond to analyst alerts
  • Maintain and administer network infrastructure standards, documentation and fault tolerance
  • Present Monitoring/Test Results and Reports as required
14

Senior Analyst, Info Security Resume Examples & Samples

  • Security Certification and Accreditation of a variety of Department of Defense and Intelligence Community automated information systems (AIS)
  • Provide Information Assurance (IA) duties in support of DoD certification and accreditation processes
  • Implement policies and procedures to protect the integrity and availability of systems, networks, and data
  • Proficient with Telos Xacta IA Manager system
  • Have experience with DIACAP, RMF, NIST and A&A processes
  • Prepare, submit, and coordinate DoD Risk Management Framework (RMF) packages and documents
15

Senior Analyst, Info Security Resume Examples & Samples

  • Responsible for system operations and maintenance (O&M), and security of the enterprise servers
  • Develops TTPs that address how the organization will ensure HBSS is fully operational in accordance with USCYBERCOM directives
  • Ensures all implemented patches; maintenance releases, version upgrades, and implemented tuning are integrated into the program baseline
  • Updates the HBSS agents, modules, signature files, and policy sets within 30 days of release/approval by CAB
  • Ensures Rogue System Detection sensors have coverage per USCYBERCOM direction and alerts are reviewed daily
  • Identifies and reports any implementation, configuration, resource and coverage gaps regarding the deployment and operation of HBSS
  • Operates HBSS on all assets in accordance with approved operating procedures. This includes monitoring HBSS operations and alert logs, notifying their chain of command in accordance with local incident handling procedures, and updating HBSS agents with appropriately approved HBSS policy set changes, programmatic updates, and patches
  • Ensures all assets are being monitored by HBSS, and coordinate with local support to install HBSS agent if unable to install remotely
  • Serves as first level escalation point for HBSS related tickets/issues
  • Works to identify root cause of HBSS-related incidents and provide workaround if applicable to restore service
  • Assists with troubleshooting all escalated issues
  • Provides feedback to engineering on HBSS documentation and process improvements
  • Remediates all systems with missing or out of compliance modules and/or antivirus and HIPS definitions
  • Remediates Distributed Repository replication failures
  • Adds IP addresses to Trusted Networks for any vulnerability scanners in use by IAD
  • Implements appropriate blocking actions requested by USCYBERCOM in accordance with approved TTPs
  • Must have the following experience
  • 2+ years’ experience working with and a basic knowledge of Windows server 2008 R2 and Windows server 2012 R2 system administration
  • 2+ years’ experience and a general understanding of applying patches and updates to servers and workstations
  • Must meet DoDI 8570.01-M Certification with a CND-SP or IASAE specialization required (GCIA, CEH, GCIH, GCFA, CASP)
  • ITIL v3 Certification preferred
16

Info Security Senior Analyst Resume Examples & Samples

  • Investigating and analyzing events related to cyber incidents
  • 3 - 5 years of information security related experience in areas such as security operations, incident analysis, incident
  • Experience with UNIX/LINUX a plus
  • GCIA, CEH, CHFI, ASCA, SnortCP or SFCA a plus
17

Senior Analyst, Info Security Resume Examples & Samples

  • Creates, Submits, and Validates Assess & Authorize (A&A) packages in accordance with DIACAP/RMF (DoDI 8510.01)
  • Creates, Submits, and Validates Platform IT (PIT) Assess & Authorize (A&A) packages in accordance with NAVSEAINST 9400.2
  • Maintains compliance with Federal, DoD and DoN Cybersecurity policies. Incumbent utilizes extensive knowledge of all areas of cybersecurity to establish operating standards and procedures for the Cybersecurity Program
  • Reviews risk analysis and accreditation documentation for timeliness, completeness and accuracy, and ensures that all necessary materials are submitted for review
  • Conducts threat and vulnerability analysis to assess and determine effective countermeasures or mitigations that minimize risks and ensure the IS is operational and secure
  • Assists with implementation of counter-measures or mitigating controls for afloat and land-based environments
  • Ensures the integrity and protection of tactical/RDT&E networks, systems, and applications by technical enforcement of organizational security policies, through monitoring of vulnerability scanning devices
  • Performs periodic and on-demand system audits and vulnerability assessments to determine compliance
  • Prepares computer incident reports, which include analysis methodology and results
  • Provide cybersecurity technical and administrative support for command assessments and inspections
  • Provide cybersecurity engineering and maintenance in support of the installation and validation ship control systems, components, and methodologies
  • Assists Software Lead Engineers (SLE) in developing alteration packages to include Ship Change Documents (SCDs), engineering change proposals (ECPs), and ship alterations (SHIPALTs)
  • 5-8 years of related experience in a cybersecurity-related expertise
  • Minimum Required Certifications: Certification Authorization Professional (CAP), Security+ Continuing Education (CE), Industry Operating System (OS) certification [e.g. Microsoft Technology Associate (MTA), (Microsoft Certified Solutions Associate (MCSA), or Red Hat Certified Engineer (RHCE)]
  • Preferred Certifications: Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), GIAC Security Leadership Certificate (GSLC), Fully Qualified Navy Validator (FQNV), CompTIA Advanced Security Practitioner (CASP)
  • Advanced knowledge of cyber security administration principles, methods, and techniques
  • Knowledge of DoDI 8500.2 Information Assurance Control (IAC) and NIST 800-53 Security Control implementation and validation, from a systems engineering perspective, as applied to DoD IS
  • Knowledge of Operating System hardening and remediation IAW the DISA Security Technical Implementation Guides (STIGs)
  • Experience with Assured Compliance Assessment Solution (ACAS) (Nessus), SCAP Compliance Checker (SCC). and the DISA STIG Viewer
  • Familiarity with Enterprise Mission Assurance Support Service (eMASS) and associated business rules for completing C&A/A&A packages
  • Experience with Microsoft Windows and UNIX (Linux) operating systems
  • Knowledge of work planning and resource estimation techniques sufficient to develop milestones and estimate completion dates
  • Experience with MS Office applications including Word, Excel, PowerPoint, and Visio
18

Data Analyst Senior to Data Analyst Lead-info Security Resume Examples & Samples

  • Work with business partners to understand information needs
  • Analyze requirements and convert them into data reports
  • Develops complex queries against data sources
  • Analyze information security business procedures and recommend data that can be used to make improvements
  • Explains and translates analysis into a business story by discussing analysis approach, summary of findings and ultimately influencing and recommending action when needed
  • Bachelor's degree in a related field of study, such as Finance, Mathematics, Accounting, Economics or Statistics
  • Four years of analytical work experience in a professional setting
  • In lieu of a degree, a minimum of 7 years property casualty insurance experience with related analytical experience (e.g., analytical work in a professional setting
19

Info Security Senior Analyst Resume Examples & Samples

  • Create documentation to support information system authorization/accreditation packages
  • Be required to develop technical security documentation including items needed to develop a complete System Security Plan (SSP)
  • Provide continuous monitoring support utilizing tools for information systems
  • Ensuring artifact quality control of Security Assessment and Authorization (formerly Certification and Accreditation or C&A) documentation
  • Overseeing the Plan of Action and Milestones (POA&M) process for assigned systems
  • Reviewing and monitoring POA&Ms for each IT system
  • Ensuring that the Xacta automated tool, is utilized for conducting security assessment and authorization evaluations, and for reporting required IT security program status information
  • Must possess one of the following current certifications: CISSP OR CASP
  • Strong Knowledge of the NIST 800-37 and other Risk Management Frameworks (DIACAP)
  • Extensive knowledge of the C&A process within the NIST Risk Management Framework and experience reviewing, advising, and processing and maintaining A&A Packagesthroughout the lifecycle of the system
  • Knowledge and experience reporting Information Assurance Vulnerabilities Messages (ISVMs) in compliance with Federal Guidelines
  • Demonstrate competency in the use of DHS automated tool sets, including Xacta
  • Exceptionally good written and oral communication skills
  • Good interpersonal and consulting-type skills
  • Desirable skills– Scripting in Perl, SQL, Java, Unix/Linux
20

Senior Info Security GRC Analyst Resume Examples & Samples

  • Provide thought leadership and serve as a subject matter expert in areas of technology and business process security controls including but not limited to infrastructure, architecture, platforms, and networking
  • Identify opportunities and lead efforts to drive organizational information security risk posture and process improvement
  • Perform security risk assessments on new or existing products, services, and technologies to analyze controls, identify and evaluate mitigating control opportunities and assign residual risk using the organizational risk management methodology
  • Provide consultative advice to internal customers that enables the leadership team to make informed risk decisions and to assist with the development of acceptable risk mitigation strategies
  • Assist in the development and maintenance of information security policies, standards, and control procedures to enable compliance with applicable regulations and industry standards, including Payment Card Industry Data Security Standard (PCI DSS), Sarbanes Oxley (SOX) and Gramm-Leach-Bliley Act (GLBA)
  • Lead and/or support information security risk management program reporting efforts
  • Work closely with regulators and auditors responding to information requests verbally and by providing documentation upon request
  • Maintain strong working relationships with individuals and groups involved in managing information security risks across the organization
  • Participate and contribute in moderate to highly complex projects pertaining to the organization’s long-term information security strategy
  • Keep abreast of latest security and privacy legislation, regulations, advisories, alerts, and vulnerabilities pertaining to Alliance Data and its mission
  • Execute administrative tasks in Archer to include, but not limited to, report generation, form creation, issue management, risk assignment and workflow design
  • Evaluate, design, and recommend efficiencies and value add with new RSA Archer GRC capabilities
  • Perform routine Archer configuration management and basic development leveraging On-Demand Applications (ODAs)
  • 5 years of Information Security, IT Audit/Compliance, or related experience required
  • Experience with RSA Archer or other GRC tool
  • Proficient in report generation using Microsoft Excel, PowerPoint, or other reporting tools
  • Understanding of PCI DSS, SOX, ISO 27001/27002, NIST Cybersecurity Framework, COBIT, and ITIL frameworks
  • Strong ability and desire to work in a team fostered, fast-paced, multi-tasking environment
  • Highly motivated self-starter who demonstrates initiative and can work independently
  • Archer Certified Administrator preferred
21

Senior Info Security GRC Analyst Resume Examples & Samples

  • Provide thought leadership and serve as a subject matter expert in one or more areas or responsibilities
  • Identify opportunities and lead efforts to drive information security risk management process improvement
  • Perform assessments of new or existing products, services, and technologies to analyze controls, evaluate residual risk, identify improvement areas, and communicate results to management
  • Assist in the development and maintenance of information security policies, standards, and control procedures supporting Card Services’ long-term security strategy and compliance with applicable regulations and industry standards, including Payment Card Industry Data Security Standard (PCI DSS) and Gramm-Leach-Bliley Act (GLBA)
  • Gather documentation/technical information in support of issue remediation efforts and audit requests
  • Participate in moderate to highly complex projects pertaining to the organization’s long-term information security strategy
  • Execute administrative tasks in Archer to include, but not limited to, report generation, form creation, and workflow design
  • Archer GRC experience
  • Ability to work in a team fostered, fast-paced, multi-tasking environment